New Zero-Day Vulnerability identified in all versions of Internet Explorer (IE)

On Saturday, Microsoft confirmed that all versions of Internet Explorer (IE) 6  through 11 are affected by the vulnerability attacks.  Please be aware that if you are using IE that your computer systems may become vulnerable and infected.

“A new zero-day vulnerability that resides in all versions of Internet Explorer has been spotted in the wild, Microsoft confirmed late Saturday. The vulnerability, which could allow remote code execution, is being used in limited, targeted attacks,according to Microsoft. While all versions of the web browser, IE 6 through 11, are affected by the vulnerability, attacks are currently targeting IE versions 9, 10 and 11. The attack leverages a previously unknown “use after free” vulnerability — data corruption that occurs after memory has been released — and bypasses both Windows DEP (data execution prevention) and ASLR (address space layout randomization) protections.The vulnerability is currently being exploited by a group of hackers targeting financial and defense organization in the US. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated,” Microsoft said. “The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer.” Microsoft said it is investigating the vulnerability and may issue an out-of-cycle security update to address the issue.” (CNET)

For more information and to learn how to eliminate your malware, please contact Cohen Electronics at 323-380-5612, info@cohenelectronics.com or visit our website at www.cohenelectronics.com.

 

 

Contact Info